Cyber News Rundown: Bluetooth Man-in-the-Middle

Paired Bluetooth Devices Vulnerable to Man-in-the-Middle Attacks

A new vulnerability has been discovered that would allow an attacker to easily view the traffic sent between two Bluetooth-paired devices. The attack depends on the attacker’s device being within wireless range of both devices while they are in the process of being paired. Signals from each device can then be intercepted and injected with malicious code before being forwarded to their intended destinations. Fortunately, the Bluetooth Special Interest Group has already implemented several updates so that public-key validation is now required before pairing with a new device.

Vehicle Supplier Exposes Data for Key Car Manufacturers

A recent blunder from Level One Robotics left over 150 GB of data from several global car manufacturers on a completely unsecured server. The exposed data included factory schematics, secure request forms, and other highly sensitive information related to the assembly line process and personnel. Unfortunately, the server in question was left with public write privileges, enabling any malicious attacker to freely make changes to any of the data it contained.

Singapore Healthcare Provider Suffers After Major Data Breach

Nearly 1.5 million patients are being contacted after a data breach occurred at SingHealth, one of Singapore’s largest healthcare providers. The breach appears to have been thoroughly planned, as high-level credentials were quickly obtained after a single workstation was compromised. While no medical information was stolen, SingHealth has been reaching out to affected patients with regard to possible phishing scams that may result from the breach.

MoneyTaker Group Uses Unpatched Router to Carry Out Bank Heist

Russia’s PIR Bank recently fell victim to a rather sophisticated breach from the hacker group known as MoneyTaker, which has been responsible for over a dozen similar bank-related hacks over the past couple of years. By gaining access to the bank’s network using an outdated router, the group was able to successfully transfer portions of nearly $1 million to at least 17 different accounts before that money was withdrawn at various ATMs across the country. To make matters worse, it appears that the initial breach happened back in May, with the bank not discovering it until the day after the transfers took place.

Blackmail Scammers Cash in on Adult Site Visitors

Within the last week, a campaign targeting visitors to several adult sites began making its way through thousands of email accounts. The scam focuses on scaring the victims with video captures of both their screen at the time they visited the adult site and video from the victim’s webcam, in hopes of extorting payments in Bitcoin. Traffic on the provided Bitcoin addresses shows that at least 30 individuals have paid the demanded price, gaining the scammers over $50,000 so far.

About the Author

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.
